Tag Archives: encryption

When you get a new laptop – with no cookies on it! – it’s a great opportunity to start afresh and protect your privacy online by default. As I recently got a new laptop here’s what I did as I set it up…

Start from scratch – no importing of settings/applications

Many laptop setup wizards offer the option to import applications, documents or other elements from your existing laptop. I didn’t do this, partly because I didn’t want to bloat my new laptop with anything that wasn’t necessary (and if you use cloud storage then you can download from there anyway), but largely because I wanted to check the settings of each application as I went – this is much easier to do if you’re installing them.

Browsers – install them all

I use at least four different browsers: Safari, Chrome, Firefox and Opera. (You might also want to install Tor for particular use cases, although I’m not going to cover it here).

It’s useful to have different browsers partly because they offer different functionality, but also because it allows you to separate different activities. For example: Continue reading →

What a pleasant surprise to visit a profile page on The Guardian website and see a big, prominent link to the member of staff’s public key. Is this routine? It seems it is: an advanced search for profile pages mentioning “public key” brings up over 1000 results. Continue reading →

The story found that most requests were made by private individuals, not politicians or criminals. Image: The Guardian

Sylvia Tippmann wasn’t looking for a story. In fact, she was working on a way that Google could improve the way that it handled ‘right to be forgotten‘ processes, when she stumbled across some information that she suspected the search giant hadn’t intended to make public.

But it was the way that Tippmann stumbled across the story that fascinated me: a combination of tech savvy, a desire to speed up work processes, and a strong nose for news that often characterise data journalists’ reporting. So I wanted to tell it here. Continue reading →

“Anonymity loves company,” security researcher Ross Anderson reminded attendees at this month’s Logan Symposium on secrecy, surveillance and censorship. “You can only hide in a crowd.”

In other words, the more people who use encryption in their email, or other security measures, the less unusual it becomes.

And the more widespread these practices are, the harder it is for the contents of messages to be used to identify whistleblowers – whether that is with journalists, charities, or even whistleblowing services (remember that only the message is encrypted, not the identity of the sender or recipient).

Early in Alan Pearce‘s book on web security, Deep Web for Journalists, a series of statistics appears that tell a striking story about the spread of surveillance in just one country.

199 is the first: the number of data mining programs in the US in 2004 when 16 Federal agencies were “on the look-out for suspicious activity”.

Just six years later there were 1,200 government agencies working on domestic intelligence programs, and 1,900private companies working on domestic intelligence programs in the same year.

As a result of this spread there are, notes Pearce, 4.8m people with security clearance “that allows them to access all kinds of personal information”. 1.4m have Top Secret clearance.

But the most sobering figure comes at the end: 1,600 – the number of names added to the FBI’s terrorism watchlist each day.

Predictive policing

This is the world of predictive policing that a modern journalist must operate in: where browsing protesters’ websites, making particular searches, or mentioning certain keywords in your emails or tweets can put you on a watchlist, or even a no-fly list. An environment where it is increasingly difficult to protect your sources – or indeed for sources to trust you.

Alan Pearce’s book attempts to map this world – and outline the myriad techniques to avoid compromising your sources. Continue reading →